@floless/app 0.10.0 → 0.11.0

package/dist/floless-server.cjs

@@ -51978,6 +51978,18 @@ function env() {
     webBase: process.env.FLOLESS_WEB_BASE || base.webBase
   };
 }
+function isLoopback(host) {
+  return host === "127.0.0.1" || host === "localhost" || host === "::1" || host.endsWith(".localhost");
+}
+var TRUSTED_API_ORIGINS = /* @__PURE__ */ new Set(["https://api.floless.io", "https://api.stage.floless.io"]);
+function isTrustedFlolessHost(url) {
+  try {
+    const u = new URL(url);
+    return isLoopback(u.hostname) || TRUSTED_API_ORIGINS.has(u.origin);
+  } catch {
+    return false;
+  }
+}
 var OFFLINE_GRACE_MS = 24 * 60 * 60 * 1e3;
 var MEM_CACHE_MS = 60 * 1e3;
 var REFRESH_SKEW_MS = 60 * 1e3;
@@ -52059,6 +52071,7 @@ async function resolveToken() {
   const t = readTokens();
   if (!t) return { token: null, reason: "signed-out" };
   if (Date.now() < t.expiresAt - REFRESH_SKEW_MS) return { token: t.accessToken };
+  if (!isTrustedFlolessHost(env().apiBase)) return { token: null, reason: "session-expired" };
   let res;
   try {
     res = await fetch(`${env().apiBase}/auth/refresh`, {
@@ -52361,7 +52374,7 @@ function appVersion() {
   return resolveVersion({
     isSea: isSea2(),
     sqVersionXml: readSqVersionXml(),
-    define: true ? "0.10.0" : void 0,
+    define: true ? "0.11.0" : void 0,
     pkgVersion: readPkgVersion()
   });
 }
@@ -52371,7 +52384,7 @@ function resolveChannel(s) {
   return "dev";
 }
 function appChannel() {
-  return resolveChannel({ isSea: isSea2(), define: true ? "0.10.0" : void 0 });
+  return resolveChannel({ isSea: isSea2(), define: true ? "0.11.0" : void 0 });
 }
 
 // oauth-presets.ts
@@ -53802,18 +53815,6 @@ function feedUrl() {
   const env2 = (process.env.FLOLESS_UPDATE_URL ?? "").trim().replace(/\/+$/, "");
   return env2 || updateApiBase();
 }
-function isLoopback(host) {
-  return host === "127.0.0.1" || host === "localhost" || host === "::1" || host.endsWith(".localhost");
-}
-var TRUSTED_FEED_ORIGINS = /* @__PURE__ */ new Set(["https://api.floless.io", "https://api.stage.floless.io"]);
-function isTrustedFlolessHost(url) {
-  try {
-    const u = new URL(url);
-    return isLoopback(u.hostname) || TRUSTED_FEED_ORIGINS.has(u.origin);
-  } catch {
-    return false;
-  }
-}
 async function authedFetch(url, init = {}) {
   const headers = new Headers(init.headers);
   if (isTrustedFlolessHost(url)) {
@@ -53980,6 +53981,43 @@ async function reportIssue(input) {
   return { ok: true, ref };
 }
 
+// report-share.ts
+var SHARE_TIMEOUT_MS = 3e4;
+async function shareReport(input) {
+  let token;
+  try {
+    token = await accessToken();
+  } catch {
+    return { ok: false, error: "offline" };
+  }
+  if (!token) return { ok: false, error: "signed_out" };
+  const url = `${apiBaseUrl()}/reports`;
+  let res;
+  try {
+    res = await authedFetch(url, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify(input),
+      signal: AbortSignal.timeout(SHARE_TIMEOUT_MS)
+    });
+  } catch {
+    return { ok: false, error: "offline" };
+  }
+  if (res.status === 401) return { ok: false, error: "signed_out" };
+  if (res.status === 403) return { ok: false, error: "no_subscription" };
+  if (res.status === 429) return { ok: false, error: "rate_limited" };
+  if (res.status === 413) return { ok: false, error: "too_large" };
+  if (!res.ok) return { ok: false, error: "offline" };
+  try {
+    const b = await res.json();
+    if (typeof b.url === "string" && b.url && new URL(b.url).protocol === "https:") {
+      return { ok: true, url: b.url };
+    }
+  } catch {
+  }
+  return { ok: false, error: "offline" };
+}
+
 // release-notes.ts
 var FETCH_TIMEOUT_MS = 8e3;
 var AWARE_REPO = "aware-aeco/aware";
@@ -56548,6 +56586,9 @@ async function startServer() {
       app.log.warn({ detail: err.detail }, err.message);
       return reply.status(502).send({ ok: false, error: err.message, detail: err.detail ?? null });
     }
+    if (err.statusCode === 413) {
+      return reply.status(413).send({ ok: false, error: "too_large" });
+    }
     app.log.error(err);
     return reply.status(500).send({ ok: false, error: err.message });
   });
@@ -56628,6 +56669,20 @@ async function startServer() {
       return reply.status(status).send({ ok: false, error: result.error });
     }
   );
+  app.post(
+    "/api/share-report",
+    { bodyLimit: 6 * 1024 * 1024 },
+    async (req, reply) => {
+      const b = req.body ?? {};
+      const html = typeof b.html === "string" ? b.html : "";
+      const title = typeof b.title === "string" ? b.title.trim().slice(0, 200) : "";
+      if (!html) return reply.status(400).send({ ok: false, error: "html is required" });
+      const result = await shareReport({ title: title || "FloLess report", html });
+      if (result.ok) return { ok: true, url: result.url };
+      const status = result.error === "signed_out" ? 401 : result.error === "no_subscription" ? 403 : result.error === "rate_limited" ? 429 : result.error === "too_large" ? 413 : 503;
+      return reply.status(status).send({ ok: false, error: result.error });
+    }
+  );
   app.get("/api/autostart", async () => {
     const supported = autostartSupported();
     return { ok: true, supported, enabled: supported ? autostartPresent() : false };

package/dist/web/aware.js

@@ -22,6 +22,7 @@
   const $reportTitle = document.getElementById('report-title');
   const $reportSub = document.getElementById('report-sub');
   const $reportOpen = document.getElementById('report-open');
+  const $reportShare = document.getElementById('report-share');
   const $reportClose = document.getElementById('report-close');
 
   // One persistent array the inspect Execution tab reads; we mutate in place so
@@ -908,7 +909,9 @@
     try { await api('/api/run/stop', { method: 'POST' }); } catch { /* the run's own catch surfaces it */ }
   }
 
-  function paintReport(html) { $reportFrame.srcdoc = html; $reportOverlay.hidden = true; $reportOverlay.innerHTML = ''; }
+  // Share is visible exactly when the frame holds a report (the empty state HIDES it —
+  // never a disabled affordance with no path forward).
+  function paintReport(html) { $reportFrame.srcdoc = html; $reportOverlay.hidden = true; $reportOverlay.replaceChildren(); $reportShare.hidden = false; }
 
   // Double-click the HTML Viewer node → LOAD the last report (no run; running is
   // the header "▶ Run workflow" button's job). Shows a prompt if nothing has run yet.
@@ -925,6 +928,7 @@
       paintReport(cached.html);
     } else {
       $reportFrame.srcdoc = '';
+      $reportShare.hidden = true; // nothing to share — hide, don't disable
       $reportOverlay.hidden = false;
       $reportOverlay.innerHTML = `<div>No report yet. Click <strong>▶ Run workflow</strong> (top right) to run it against the live model, then double-click to view it any time.</div>`;
       $reportSub.textContent = 'Double-click loads the last report; ▶ Run workflow generates a fresh one.';
@@ -948,6 +952,7 @@
     $reportTitle.textContent = `HTML Viewer · ${app.displayName}`;
     $reportSub.innerHTML = `Live run of <code>${escapeHtml(nodeId)}</code>${inputBadge ? ' · ' + escapeHtml(inputBadge) : ''} — rendered from the node's output, never composed by the UI.`;
     $reportFrame.srcdoc = ''; // clear any previously rendered report while this run is in flight
+    $reportShare.hidden = true; // the frame is blank — only a painted report is shareable
     $reportOverlay.hidden = false;
     $reportOverlay.innerHTML = opts.debug
       ? `<div class="spinner"></div><div>Launching the .NET debugger for <code>${escapeHtml(nodeId)}</code> — a Windows picker will pop; choose your <strong>Visual Studio</strong> to attach to <code>aware-tekla.exe</code>, then step through. The report renders when you let it finish.</div>`
@@ -1022,6 +1027,7 @@
 
   function showCredentialReconnect(cred) {
     $reportFrame.srcdoc = '';
+    $reportShare.hidden = true;
     $reportOverlay.hidden = false;
     $reportOverlay.replaceChildren();
 
@@ -1267,6 +1273,51 @@
     window.open(url, '_blank');
     setTimeout(() => URL.revokeObjectURL(url), 30000);
   };
+
+  // Share the on-screen report → a hosted floless.io link. The local server does the
+  // upload (the bearer never reaches this page); we relay exactly the HTML the run
+  // produced and surface the returned link. Disabled while in flight (double-click =
+  // double upload), and the link lands in $reportSub as a real DOM anchor (mkEl, not
+  // markup) so a server-returned URL can never inject HTML.
+  $reportShare.onclick = async () => {
+    const cached = currentId && lastReportByApp.get(currentId);
+    // Share exactly what's on screen — the frame's srcdoc — so the link can never carry
+    // a different report than the one the user is looking at (e.g. another app's cache).
+    const html = $reportFrame.srcdoc;
+    if (!html || !cached) return; // button is hidden in this state; belt-and-braces
+    const app = apps.get(currentId);
+    const title = `${app ? app.displayName : currentId}${cached.label ? ' · ' + cached.label : ''}`;
+    $reportShare.disabled = true;
+    const prev = $reportShare.textContent;
+    $reportShare.textContent = 'Sharing…';
+    try {
+      const res = await api('/api/share-report', { method: 'POST', body: JSON.stringify({ title, html }) });
+      await navigator.clipboard.writeText(res.url).catch(() => {});
+      const link = mkEl('a', null, res.url.replace(/^https:\/\//, ''));
+      link.href = res.url;
+      link.target = '_blank';
+      link.rel = 'noopener';
+      $reportSub.replaceChildren(
+        document.createTextNode('Shared — '),
+        link,
+        document.createTextNode(' — copied to clipboard. Anyone with the link can view this frozen report.'),
+      );
+      showToast('Link copied to clipboard', 'ok');
+    } catch (e) {
+      const err = e && e.body && e.body.error;
+      const msg =
+        err === 'signed_out' ? 'Your FloLess sign-in has expired — sign in again to share reports.' :
+        err === 'no_subscription' || err === 'subscription required'
+          ? 'A FloLess subscription is required to share reports — sign in to continue.' :
+        err === 'rate_limited' ? 'Share limit reached (30 per hour) — try again in a few minutes.' :
+        err === 'too_large' ? 'Report is too large to share (over 5 MB).' :
+        'Couldn’t reach FloLess — check your connection and try sharing again.';
+      showToast(msg, 'warn');
+    } finally {
+      $reportShare.disabled = false;
+      $reportShare.textContent = prev;
+    }
+  };
   $promptSel.onchange = () => { loadApp($promptSel.value).catch(reportErr); };
 
   $compileBtn.onclick = async () => {

package/dist/web/index.html

@@ -246,12 +246,17 @@
           <div class="modal-sub" id="report-sub">Rendered from the live run — never composed by the UI.</div>
         </div>
         <div class="report-actions">
+          <button id="report-share" class="ghost" hidden data-tip="Share this report as a link anyone can view — hosted on floless.io">↗ Share</button>
           <button id="report-open" class="ghost" data-tip="Open the report in a new browser tab">↗ Open</button>
           <button id="report-close" data-tip="Close">×</button>
         </div>
       </div>
       <div class="report-stage" id="report-stage">
-        <iframe id="report-frame" sandbox="allow-same-origin" title="Report"></iframe>
+        <!-- allow-popups (+ escape): the report's own links — the "Made with FloLess"
+             badge above all — must open in a real, unsandboxed tab. Scripts stay
+             blocked and there is NO allow-same-origin: the report remains an opaque
+             origin with zero access to the app page. -->
+        <iframe id="report-frame" sandbox="allow-popups allow-popups-to-escape-sandbox" title="Report"></iframe>
         <div class="report-overlay" id="report-overlay" hidden></div>
       </div>
     </div>

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@floless/app",
-  "version": "0.10.0",
+  "version": "0.11.0",
   "type": "module",
   "description": "Thin localhost host for floless.app — serves web/ and shells the aware CLI. No engine, no LLM.",
   "bin": {